Shape Security develops world's first "botwall"

January 23, 2014
by Bob Yirka

(Phys.org) —Newly created company Shape Security has announced new technology aimed at combating botnets. Called the ShapeShifter, the product helps protect website owners against website breaches, most specifically from denial-of-service attacks.

Botnets have been in the news a lot lately, due to their apparent ease in shutting down well known web sites. Thus far, they have been notoriously difficult to stop because of the way they operate—using polymorphism—where code is changed on the fly to prevent it from being identified. Botnet creators take advantage of unsuspecting users to build large networks of computers, all of which attempt to access a site at one time, causing it to be overloaded, thus preventing others from using the site for legitimate purposes. Shape Security says their new technology turns polymorphism back onto such attacks by using the same technique locally on each web site.

In order for a botnet to succeed, all of the computers attempting to access a single web site have to look for a common set of symbols or commands that are instigated when web access is attempted. Shape Security has built a roadblock to this approach by causing the computers that access a website to see different information each time they attempt to access the site. Thus, there is no common code for the botnet machines to look for, which means, they won't be able to identify the site they are trying to attack, or to access it if found—denial-of-service attacks are averted.

The video will load shortly.

Shape Security claims that the added code to a web site won't cause any noticeable delays to the user interface (or how it appears) and that it works against other types of attacks as well, such as account takeover, and man-in-the-browser. They note that their approach works because it deflects attacks in real time whereas code for botnets is changed only when it installs (to change its signature).

ShapeShifter is currently being sold to website owners as a hardware device, though Shape Security says a cloud based application is under development. Because of the enormous amounts of capital invested by the company in inventing a whole new way to battle web attacks, the cost for each device is believed to be in the millions. For that reason, at least initially, it will be aimed at very large corporate sites, particularly those in the banking, e-commerce and health care industries.

User comments

on it's face this is blatant ridiculousness, Likely intended as a write-off expense for large companies which are less likely to be targets of DDoS in the first place. Like a body-guard, it's more about the feeling of security than actual security.

any botnet, performing a ddos, worth it's salt, does not care what the response is from the target server. the end-client doesn't need to recieve more than the first few bytes of the header of the packet before resetting the socket, and allowing the info to dissipate into the aether... But in the interests of speed, the target servers almost always send out the entire package, header and body, all at once. If the body is an image of even 500kb spamming these request packets and not spending flops receiving the response can take down practically any server.

any well programmed botnet decodes it's instructions from a 3rd server, not the target.

and I really hate to break it to the internet-illiterate, but, if you're trying to obfusca

te a packet in a way that makes it difficult for a botnet to read, you're also making it infinitely harder for any browser to read, reducing the overall performance for the end user. Think early otts antiviruses. Most viruses did less damage than trying to run norton 24/7

Please sign in to add a comment.
Registration is free, and takes less than a minute.
Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.